uninst.exe

Radar Sync

RadarSync

The executable uninst.exe, “Radar Sync Installation Package” has been detected as malware by 1 anti-virus scanner. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program RadarSync PC Updater 2011 by RadarSync Ltd.
Publisher:
RadarSync  (signed and verified)

Product:
Radar Sync

Description:
Radar Sync Installation Package

Version:
3.7.0.5

MD5:
abd2443b35439d42a2f8e01373f3bd83

SHA-1:
00b8b676fe24339dd581839c125b266a2c809770

SHA-256:
3b1d6b9971f1968476ac833a0c4891c8f567f7916af934726179caa407ee3c00

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 8:27:42 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Optional.RadarSync.DriverUpdater (L)
16.8.10.11

File size:
92.2 KB (94,384 bytes)

Product version:
3.7.0.5

Copyright:
RadarSync

Original file name:
radarsync.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\Program Files\radarsync\uninst.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/19/2010 5:00:00 PM

Valid to:
5/20/2011 4:59:59 PM

Subject:
CN=RadarSync, O=RadarSync, L=Highland Park, S=Illinois, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
382F2F14FD5F1B98676121F145541A

File PE Metadata
Compilation timestamp:
12/5/2009 3:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:XpgpHzb9dZVX9fHMvG0D3XJWDgU16MVAPiLMPBADN/A6VIka35BxLs2r1JDCXRH:ZgXdZt9P6D3XJC7deaM5AU35Bh/r14h

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
6.9053

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Program Uninstaller
Program name:
RadarSync PC Updater 2011

Display publisher:
RadarSync Ltd

Uninstall string:
C:\Program Files (x86)\RadarSync\uninst.exe


Remove uninst.exe - Powered by Reason Core Security